CVE-2026-33382: CWE-400 in Grafana Grafana OSS
Several Grafana API endpoints, some of them unauthenticated, do not limit the size of the request body before processing it. An attacker can send very large payloads that force excessive memory…
Read the full articleYou might also wanna read

WAF - Increased WAF payload limit for all plans
Cloudflare WAF now inspects request-payload size of up to 1 MB across all plans to enhance our detection capabilities for React RCE (CVE-202
CVE-2026-12043: Heap Double-Free Vulnerability Discovered in AWS Common Runtime aws-c-http Library
Bulletin ID: 2026-043-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/12/2026 11:45 AM PDT
Critical Redis Vulnerability (CVE-2025-49844) Allows Remote Code Execution with Maximum CVSS Score
Wiz Research discovers vulnerability stemming from 13-year-old bug present in all Redis versions, used in 75% of cloud environments.
Technical Analysis of CVE-2025-53149: Heap-based Buffer Overflow in Windows Kernel Streaming Driver
Technical deep-dive into CVE-2025-53149, a heap-based buffer overflow in the Windows Kernel Streaming WOW Thunk Service driver (ksthunk.sys)
Proof-of-Concept Exploit Released for Critical NGINX Heap Buffer Overflow (CVE-2026-42945)
exploit for CVE-2026-42945. Contribute to DepthFirstDisclosures/Nginx-Rift development by creating an account on GitHub.
Unpatchable Vulnerabilities of Kubernetes: CVE-2021-25740
A look at how Kubernetes CVE-2021-25740 allows users with EndpointSlice access to redirect traffic via shared ingress and load balancer serv

Comments
Sign in to join the conversation.
No comments yet. Be the first.